Lucene search
K

128 matches found

Cvelist
Cvelist
added 2018/11/27 6:0 p.m.29 views

CVE-2018-12241

The Symantec Security Analytics SA 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks ...

6.1AI score0.00999EPSS
Exploits0References2
CVE
CVE
added 2018/11/27 6:0 p.m.52 views

CVE-2018-12241

CVE-2018-12241 affects Symantec Security Analytics Web UI (SA) 7.x prior to 7.3.4; vulnerability is a reflected cross-site scripting (XSS) in the Web UI, allowing a remote attacker who knows the SA host to craft a malicious URL and entice SA users to reveal or run malicious JavaScript in the brow...

6.1CVSS6AI score0.00999EPSS
Exploits0References2Affected Software1
Symantec
Symantec
added 2018/11/20 8:1 a.m.45 views

Reflected XSS Vulnerability in Security Analytics Web UI

SUMMARY The Symantec Security Analytics SA Web UI is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other...

4.3CVSS6AI score0.00999EPSS
Exploits0Affected Software1
Carbon Black Blog
Carbon Black Blog
added 2018/10/04 2:0 p.m.92 views

Partner Perspectives: Integrate your SIEM, UEBA + EDR Solution with Securonix and Carbon Black

Nitin Agale is the Senior VP of Products for Securonix. Your endpoints are a valuable part of your enterprise structure. They are the computers your employees use and the servers your company depends on. Defending your endpoints is important, but it’s critical that your endpoint defense is just o...

1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2018/08/30 4:0 p.m.56 views

Building the security operations center of tomorrow—harnessing the law of data gravity

This post was coauthored by Diana Kelley, Cybersecurity Field CTO, and Sin John, EMEA Chief Security Advisor, Cybersecurity Solutions Group. Youve got a big dinner planned and your dishwasher goes on the fritz. You call the repair company and are lucky enough to get an appointment for that...

Exploits0
OSV
OSV
added 2018/08/24 3:29 p.m.4 views

CVE-2018-11061

RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection vulnerability due to insecure configuration of the template engine used in the product. A remote authenticated malicious RSA NetWitness Server...

9.1CVSS6.1AI score0.04982EPSS
Exploits0References4
Prion
Prion
added 2018/08/24 3:29 p.m.14 views

Sql injection

RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection vulnerability due to insecure configuration of the template engine used in the product. A remote authenticated malicious RSA NetWitness Server...

9CVSS9.1AI score0.04982EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2018/08/24 3:0 p.m.47 views

CVE-2018-11061

RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection caused by insecure template engine configuration. A remote authenticated malicious RSA NetWitness Server user with an Admin or Operator role co...

9.1CVSS9.2AI score0.04982EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2018/08/24 3:0 p.m.13 views

CVE-2018-11061

RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection vulnerability due to insecure configuration of the template engine used in the product. A remote authenticated malicious RSA NetWitness Server...

9.1CVSS9.3AI score0.04982EPSS
Exploits0References4
Carbon Black Blog
Carbon Black Blog
added 2018/06/27 5:0 p.m.32 views

10 Endpoint Security Problems Solved by the Cloud – Integrating Security Products

This blog is the third in the series: 10 Endpoint Security Problems Solved by the Cloud. Last week we investigated how cloud based security solutions are able to keep software up to date. This week we’re tackling problem 2: Integrating security products. Your Systems Are Siloed Cybersecurity isn’...

7.1AI score
Exploits0
CNVD
CNVD
added 2018/06/05 12:0 a.m.1 views

RSA Web Threat Detection SQL Injection Vulnerability

EMC RSA Web Threat Detection is a big data and security analytics solution from EMC. The solution detects cybercrime using Web session intelligence and real-time behavioral analysis. An SQL injection vulnerability exists in the Administration and Forensics applications in EMC RSA Web Threat...

8.8CVSS8.2AI score0.01997EPSS
Exploits0References1
Symantec
Symantec
added 2018/04/26 8:0 a.m.45 views

SA165: NTP Vulnerabilities February 2018

SUMMARY Symantec Network Protection products using affected versions of the NTP reference implementation from ntp.org are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code, modify the target's system time, prevent the target fro...

7.5CVSS1.4AI score0.2985EPSS
Exploits5Affected Software10
Akamai Blog
Akamai Blog
added 2018/04/16 11:0 a.m.36 views

Introducing Web Security Analytics

Every security team knows that the success of any security product relies heavily on the ability to maintain an optimal security configuration. Any misconfiguration can result in malicious or undesired traffic reaching the application, or worse - legitimate traffic being blocked. In addition, it...

0.1AI score
Exploits0
Akamai Blog
Akamai Blog
added 2018/04/14 1:0 p.m.11 views

Introducing Web Security Analytics

Every security team knows that the success of any security product relies heavily on the ability to maintain an optimal security configuration. Any misconfiguration can result in malicious or undesired traffic reaching the application, or worse - legitimate traffic being blocked. In addition, it...

1.2AI score
Exploits0
Symantec
Symantec
added 2018/01/30 8:0 a.m.38 views

SA163: OpenSSH Vulnerability October 2017

SUMMARY Symantec Network Protection products using affected versions of OpenSSH are susceptible to a security vulnerability. A remote attacker with read-only access to an SFTP server can create a large number of zero-length files and deplete the target's hard disk space. AFFECTED PRODUCTS The...

5CVSS1.4AI score0.03359EPSS
Exploits0Affected Software5
Symantec
Symantec
added 2018/01/16 8:0 a.m.55 views

SA159: OpenSSL Vulnerabilities 7-Dec-2017

SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to two security vulnerabilities. A remote attacker can obtain Diffie-Hellman private key information and sensitive information accidentally transmitted in plaintext over an SSL/TLS connection. AFFECTED...

4.3CVSS0.5AI score0.78675EPSS
Exploits1Affected Software9
Symantec
Symantec
added 2018/01/08 8:0 a.m.63 views

SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks

SUMMARY Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities aka Meltdown and Spectre attacks. A remote attacker, with the ability to execute arbitrary code...

4.7CVSS1.6AI score0.93838EPSS
Exploits13Affected Software4
Symantec
Symantec
added 2018/01/03 12:0 a.m.254 views

Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability

Description Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Mac Os X 10.11.6 Apple iOS 11.2 Apple macOS 10.12.6 Apple macOS 10.13.2 Apple tvOS...

4.7CVSS5.9AI score0.93838EPSS
Exploits13References6Affected Software54
Carbon Black Blog
Carbon Black Blog
added 2017/08/30 11:2 a.m.52 views

August 30, 2017 – Morning Cyber Coffee Headlines – “Eiffel Tower” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 30, 2017 - Headlines Carbon Black in the News: Carbon Black names Marco...

6.7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/07/25 11:52 a.m.64 views

July 25, 2017 – Morning Cyber Coffee Headlines – “Henry Ford” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! July 25, 2017 - Headlines UK gov wants teens to practice cybersecurity in their...

6.8AI score
Exploits0
Rows per page
Query Builder